APPLIED: [PATCH 1/2] lib: fwts_alloc: add field width limit for sscanf
Keng-Yu Lin
keng-yu.lin at canonical.com
Wed Sep 17 03:10:25 UTC 2014
On Mon, Sep 15, 2014 at 6:45 AM, Colin King <colin.king at canonical.com> wrote:
> From: Colin Ian King <colin.king at canonical.com>
>
> Adding a field width limit to avoid buffer overflow
>
> Signed-off-by: Colin Ian King <colin.king at canonical.com>
> ---
> src/lib/src/fwts_alloc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_alloc.c b/src/lib/src/fwts_alloc.c
> index 2a8fcd9..afebe2a 100644
> --- a/src/lib/src/fwts_alloc.c
> +++ b/src/lib/src/fwts_alloc.c
> @@ -75,7 +75,7 @@ static void *fwts_low_mmap(const size_t requested_size)
> return MAP_FAILED;
>
> while (fgets(buffer, sizeof(buffer), fp) != NULL) {
> - sscanf(buffer, "%p-%p %*s %*x %*s %*u %s",
> + sscanf(buffer, "%p-%p %*s %*x %*s %*u %1023s",
> &addr_start, &addr_end, pathname);
>
> /*
> --
> 2.1.0
>
>
> --
> fwts-devel mailing list
> fwts-devel at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/fwts-devel
More information about the fwts-devel
mailing list